loading...

Discussion on: Authorization and Authentication For Everyone

Collapse
kimmaida profile image
Kim Maida Author

OIDC addresses this by using something called a nonce, which is explained in the section on authentication claims. A nonce provides a way for a client to know that the token it receives is the one being returned from the exact authorization request that was issued.